Which of the following is an inherent weakness of signature-based intrusion detection systems?
A.
A higher number of false positives
B.
New attack methods will be missed
C.
Long duration probing will be missed
D.
Attack profiles can be easily spoofed
Explanation:
Signature-based intrusion detection systems do not detect new attack methods for which
signatures have not yet been developed. False positives are not necessarily any higher, andspoofing is not relevant in this case. Long duration probing is more likely to fool anomaly-based
systems (boiling frog technique).